﻿using System;
using System.Collections.Generic;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;
using System.Security.Cryptography;
using System.Text;

public partial class AddUser : System.Web.UI.Page
{
    SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["ApplicationServices"].ConnectionString);

    protected void Page_Load(object sender, EventArgs e)
    {
        if (Request.IsAuthenticated == false)
        {
            Response.Redirect("login.aspx");
        }

        if (Request.IsAuthenticated)
        {
            string n = "";
            SqlCommand sCmd = new SqlCommand("SELECT name FROM USERS WHERE id=@id", conn);
            sCmd.Parameters.Add(new SqlParameter("@id", SqlDbType.Int)).Value = User.Identity.Name;
            conn.Open();
            SqlDataReader dr = sCmd.ExecuteReader();
            while (dr.Read())
            {
                string name = Convert.ToString(dr[0].ToString());
                n = name;
            }
            dr.Close();
            conn.Close();

            WelcomeBackMessage.Text = "Welcome back, " + n + "!";

            AuthenticatedHeaderPanel.Visible = true;
            AuthenticatedMessagePanel.Visible = true;
            AuthenticatedMenuPanel.Visible = true;

            if (!IsPostBack)
            {
                SetData();
            }
        }
        else
        {
            AuthenticatedHeaderPanel.Visible = false;
            AuthenticatedMessagePanel.Visible = false;
            AuthenticatedMenuPanel.Visible = false;
        }
    }

    private void SetData()
    {
        conn.Open();
        SqlCommand selCmd = new SqlCommand("SELECT type_licence FROM licence_type", conn);
        SqlDataReader rd = selCmd.ExecuteReader();

        while (rd.Read())
        {
            DropLicence.Items.Add(rd["type_licence"].ToString());
        }
        conn.Close();
    }

    public string MD5String(string input)
    {
        MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
        byte[] inputBytes = Encoding.ASCII.GetBytes(input);
        byte[] hashBytes = md5.ComputeHash(inputBytes);
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < hashBytes.Length; i++)
        {
            sb.Append(hashBytes[i].ToString("x2"));
        }
        return sb.ToString();
    }

    protected void AddButton_Click(object sender, EventArgs e)
    {
        int id_lic = 0;
        conn.Open();
        SqlCommand selCmd = new SqlCommand("SELECT id FROM licence_type WHERE type_licence=@type_licence", conn);
        selCmd.Parameters.Add(new SqlParameter("@type_licence", System.Data.SqlDbType.NVarChar)).Value = DropLicence.SelectedValue.ToString();
        SqlDataReader rd = selCmd.ExecuteReader();
        while (rd.Read())
        {
            id_lic = Convert.ToInt32(rd["id"].ToString());
        }
        conn.Close();

        string name = tb_name.Text;
        string secondname = tb_secondname.Text;
        string login = tb_login.Text;
        string password = tb_password.Text;
        string email = tb_email.Text;
        string id_licence = id_lic.ToString();
        string supeuser = check_superuser.Checked.ToString();
        string activated = check_activated.Checked.ToString();
        string additional_user = check_additional_user.Checked.ToString();

        conn.Open();
        SqlCommand selCmd_login = new SqlCommand("SELECT login FROM users WHERE login=@login", conn);
        selCmd_login.Parameters.Add(new SqlParameter("@login", System.Data.SqlDbType.NVarChar)).Value = login;
        SqlDataReader rd1 = selCmd_login.ExecuteReader();
        if (rd1.HasRows)
        {
            System.Web.HttpContext.Current.Response.Write("<SCRIPT LANGUAGE='JavaScript'>alert('Fail! Login exists!')</SCRIPT>");
        }
        else
        {        
            _User Add = _User.Insert(name, secondname, login, MD5String(password), email, id_licence, supeuser, activated, additional_user, this.User.Identity.Name.ToString());
            Response.Redirect("MyUsers.aspx");
        }
        conn.Close();        
    }

    protected void CancelButton_Click(object sender, EventArgs e)
    {
        Response.Redirect("MyUsers.aspx");
    }
}